Bug 825360

Summary: Application template quickstarts should pull from a controlled, non-master branch
Product: OKD Reporter: Clayton Coleman <ccoleman>
Component: WebsiteAssignee: Fotios Lindiakos <fotios>
Status: CLOSED NEXTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: low Docs Contact:
Priority: high    
Version: 2.xCC: jkeck, mpatel
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-07 19:25:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Clayton Coleman 2012-05-25 19:22:37 UTC 
Starting this sprint application templates will be available to our users through the UI that allows them to create a full featured application with a single click.  The Git source for each app will be the quickstart.

For security reasons we want to ensure that the branch of quickstart code that is used by the template is very highly reviewed.  These will be public repositories and are part of our opensource strategy, but we need to ensure that we don't open an attack vector (malicious user injects vuln. into quickstart, user clones quick start, attacker attacks their app).  We also want to allow test to verify certain branches.

So, for each application template we create based on a public quickstart I recommend we create an application_template branch that a) is the source Git URL for the template) and b) only pushed to by the owner of the repo.  If we need additional security, we may want an official fork but that adds additional process.  I do not think we need a staging branch for these.

The test team will need to validate quickstart code that makes it into the template AND test it against the staging/production systems when it is updated.

The initial templates are:
  https://github.com/openshift/drupal-example
  https://github.com/openshift/wordpress-example
  https://github.com/openshift/rails-example
  https://github.com/openshift/kitchensink-example

Each of these will need a branch created and the templates updated to point to the branch as the Git source.

Required to enable templates in production.
Comment 1 Fotios Lindiakos 2012-06-07 19:25:04 UTC 
Created User Story to capture this.
https://rally1.rallydev.com/#/4670516379d/detail/userstory/6650619807
Comment 2 Clayton Coleman 2013-07-08 21:14:06 UTC 
This was finally implemented this sprint in https://trello.com/c/VIrKJHSF